Identity threat detection and response
From Wikipedia, the free encyclopedia
Identity threat detection and response (ITDR) is a cybersecurity discipline that includes tools and best practices to protect identity management infrastructure from attacks. ITDR can block and detect threats, verify administrator credentials, respond to various attacks, and restore normal operations.[1] Common identity threats include phishing, stolen credentials, insider threats, and ransomware.[2]
ITDR adds an extra layer of security to identity and access management (IAM) systems. It helps secure accounts, permissions, and the identity infrastructure itself from compromise. With attackers targeting identity tools directly, ITDR is becoming more important in 2023 : according to Gartner, established IAM hygiene practices like privileged access management and identity governance are no longer enough.[1]
ITDR can be part of a zero trust security model. ITDR is especially relevant for multicloud infrastructures, which have gaps between cloud providers' distinct IAM implementations. Closing these gaps and orchestrating identity across clouds is an ITDR focus.[3]